Auditable Publish logs.
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | Bileto |
Critical
|
Robert Bruce Park | ||
| | CI Train [cu2d] |
Fix Released
|
Critical
|
Robert Bruce Park | |
Bug Description
Steve has requested auditable publish logs. This should be modeled similarly to the existing Comment class, such that publish records can be created but not edited or deleted. they should record who clicked publish, what was published, and what job options were used.
| Steve Langasek (vorlon) wrote : | #1 |
| Robert Bruce Park (robru) wrote : | #2 |
Consider this scenario:
1. User clicks 'edit' on a landing request.
2. jenkins pushes an updated status to bileto
3. User clicks 'save' on their edit.
What happens is that the status set by jenkins is simply lost forever. Nothing will bring it back.
I propose instead of "auditable publish logs" we have an auditable activity log, we abandon the nebulous "status" field of the request table and create an immutable (similar to the comments table) record of all statuses from all builds, including what was published and when by who.
| Changed in bileto: | |
| importance: | Undecided → High |
| Changed in bileto: | |
| importance: | High → Critical |
| Changed in cupstream2distro: | |
| status: | New → Triaged |
| importance: | Undecided → Critical |
| assignee: | nobody → Robert Bruce Park (robru) |
| Changed in bileto: | |
| status: | Triaged → Fix Released |
| Changed in cupstream2distro: | |
| status: | Triaged → Fix Released |
User stories:
* as a user of the train, when looking at a landing in bileto I want to be able to (easily) find out who published it so that I can ask them a question about its status at time of publication
* as an Ubuntu developer, I want to know who signed off on a particular problematic packaging change via the train
* as an Ubuntu archive admin, I want the train to enforce the policy that all packaging changes sent via the train are signed off by an Ubuntu developer with the relevant upload rights, and be able to verify this.